Simplify, accelerate and help secure SOA deployments 



IBM WebSphere DataPower SOA appliances 


Highlights 


■ Simplify SOA infrastructure and 
deployment through specialized 
SOA appliances 

■ Help secure SOA XML-based 
implementations 

■ Accelerate SOA implementations 
and performance with faster XML 
processing 


Organizations have to respond quickly 
to tactical change, and are adopting 
new operating models to achieve this 
agility. As a result, enterprises are 
recognizing the benefits of deploying 
reusable, open-standards-based 
software components in a service 
oriented architecture (SOA) approach. 
Taking this approach can result in a 
range of benefits, from improvements 
to financial transactions and online 
shopping to cost-saving inventory 
optimization across suppliers to 
synchronized multichannel product 
introductions. Likewise, embracing 
open standards, such as XML-based 
Web services, has helped many 
companies improve productivity, 
quickly respond to changing business 
needs and seize opportunities 
as they arise. 


To take advantage of the improved 
business processes, flexibility and IT 
efficiency that comes with moving to 
SOA, organizations require pervasive, 
scalable services and controls, robust 
security, and high service assurances 
in their infrastructures. Today, 
organizations often find themselves 
struggling to deliver these critical 
SOA requirements without having to 
handle prohibitive cost, complexity and 
hard-to-manage infrastructures. 
Addressing these challenges requires 
a pragmatic approach to SOA—one 
that simultaneously recognizes the 
evolution of standards, the value of 
existing infrastructure investments, 
your organizational challenges and 
how performance can be affected 
across applications. 



SOA life cycle 


WebSphere DataPower Integration 
Appliance XI50 


WebSphere DataPower SOA appliances can help with the deploy and manage phases of the SOA life cycle. 
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An innovative approach to SOA Web 
services processing 

IBM WebSphere® DataPower®SOA 
appliances offer a unique way to 
simplify deployments, improve 
performance and enhance the security 
of SOA implementations. With a broad 
product family to meet varying 
enterprise needs, WebSphere 
DataPower SOA appliances can 
complement specific IBM or other 
products to support each stage of the 
SOA life cycle. You can take advantage 
of the products’ critical transformation, 
acceleration, security and routing 
functions to help ease the deployment 
of your SOA implementations. 

WebSphere DataPower technology 
can meet the demand for fast, reliable 
XML processing by providing simple 
and consumable appliances that 
transform back-end disparate 
message formats to XM L while 
applying message-level security and 
service policies. You can streamline 
your SOA deployment in a security-rich 
environment with a WebSphere 
DataPower SOA appliance that 
requires minimal configuration, 
customization and management. You 
can also accelerate application 


integration by using a WebSphere 
DataPower SOA appliance to minimize 
the time necessary to implement an 
infrastructure that can optimally 
support the IBM SOA Foundation 
implementation. And they help protect 
SOA traffic by implementing XMLthreat 
protection and Web services security 
functions, as well as integrating with 
security and identity management 
software, such as IBM Tivoli® software. 

Addressing your business needs with 
three WebSphere DataPower appliances 

WebSphere DataPower SOA 
appliances are in a 1U (1.75in.) 
rack-mountable form factor to fit into 
industry-standard racks. Attachment to 
the network is through Ethernet. 
DataPower hardware and software 
cannot be taken apart and 
deployed within other servers. The 
following three SOA appliances offer 
expanded capabilities: 


• For accelerated SOA processing, 
the IBM WebSphere DataPower 
XML Accelerator XA35 appliance 
can speed common types of XML 
processing hy offloading it from 
servers and networks. It can 
perform XML parsing, XML schema 
validation, XML Path Language 
(XPath) routing. Extensible Stylesheet 
Language Transformations (XSLT), 
XML compression and other 
essential XML processing with 
wirespeecl XML perform a n ce. 


• For added security capabilities, the 
IBM WebSphere DataPower XML 
Security Gateway XS40 appliance 
provides an XML threat-reduction 
and security-enforcement layer for 
XML messages and Web services 
transactions, including encryption, 
filtering, digital signatures, 
schema validation, W'S-Security, 
XML access control, XPath and 
detailed logging. The appliance 
includes easy-to-use XML Firewall, 
service-level management and 
access-control enforcement. 

• For additional accelerated security- 
rich integration capabilities, 

IBM WebSphere DataPower 
Integration Appliance XI50 provides 
transport mediation, routing and 
transformations among binary, text 
and XML message formats. Visual 
tools can be used to describe data 
formats, create mappings between 
different formats and define message 
flows. This appliance offers an 
innovative solution for security-rich 
XML enablement, enterprise message 
buses and mainframe connectivity. 
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SOA appliances simplify 
SOA deployment 

By integrating many core functions 
required for adopting SOA or Web 
services into a single purpose-built 
device, appliances simplify the 
overall SOA infrastructure. WebSphere 
DataPower SOA appliances are 
designed to easily deploy into an 
existing environment as an inline 
device in XML proxy mode or 
alongside systems in coprocessor 
mode. You can gain business 
value from using these appliances 
without having to change your network 
or application software — and you can 
take advantage of IBM autonomic 
computing self-management 
capabilities. As a result, proprietary 
schemas, coding or application 
programming interfaces (APIs) are 
not required to install or manage 
the device. 

Integration across middleware to 
enhance SOA deployment 

WebSphere DataPower SOA 
appliances support IBM Rational® and 
other popular XML integrated 
development environments, which 
helps reduce the time you have to 
spend in development and 
debugging. You can also use 


WebSphere DataPower SOA 
appliances with IBM WebSphere 
Application Server, IBM WebSphere 
Process Server, IBM WebSphere 
Portal, IBM WebSphere MQ, IBM 
WebSphere Enterprise Service Bus 
(ESB) and IBM WebSphere Message 
Broker to help process XML 
transactions in a faster, more secure 
and simpler way. 

Integration with Tivoli security, identity 
and service management software 

The integration of WebSphere 
DataPower SOA appliances with 
IBM Tivoli Federated Identity Manager 
and IBM Tivoli Access Manager helps 
provide more-secure SOA 
deployments. Tivoli security- 
management solutions also enable 
you to centrally manage user 
accounts and credentials, set security 
policies and audit XML traffic that is 
protected by DataPower SOA 
appliances. Integration with IBM Tivoli 
Composite Application Manager for 
SOA enables centralized mediation 
control, service-level management 
and dashboard monitoring. The 
combination of Tivoli software and the 
robust WebSphere DataPower XML 
gateway provides the comprehensive 
capabilities for SOA security and Web 
services management that your 
enterprise requires. 


Helping you create more-secure SOA 
implementations 

As your organization moves to On 
Demand Business by implementing 
an SOA, the largest barriers continue 
to be scalable integration and 
application security. As a core part 
of IBM SOA Foundation, WebSphere 
DataPower SOA appliances offer 
easy configuration and operation to 
help reduce operational complexity. 
With WebSphere DataPower SOA 
appliances, IBM can help you 
simplify, accelerate and secure your 
SOA deployments to increase your 
flexibility—and help enable you 
to achieve your On Demand 
Business goals. 

For more Information 

To learn more about IBM WebSphere 
DataPower SOA appliances, contact 
your IBM representative or IBM 
Business Partner, or visit: 

ibm.com/websphere/datapower 

To join the Global WebSphere 
Community, visit: 

www.websphere.org 
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IBM WebSphere DataPower SOA appliances at a glance 

Specifications 

WebSphere 
DataPower XML 
Accelerator XA35 

WebSphere 
DataPower XML 
Security Gateway 
XS40 

WebSphere 
DataPower Integration 
Appliance XI50 

XML 

XPath 


✓ 


XSLT 

y 

y 

y 

Schema, document type definitions (DTDs) 

y 

y 

y 

Optimization 

Compression 

y 

y 

y 

Multistep flow processing and mediation 

y 

y 

y 

Wirespeed XML and XPath processing; XSLT 

y 

y 

y 

Enterprise messaging and integration 

Transport (HTTP, HTTP Secure [HTTPS]) 

y 

y 

y 

WebSphere MQ, Java™ Message Service (JMS) and so on 



y 

Protocol transformation (for example, from WebSphere MQ 
to HTTP) 



y 

Routing (XPath, WS-Routing and XML) 

y 

y 

y 

Non-XML message transformation (such as binary, 
flat text, COBOL Copybook, ISO 8583, electronic data 
interchange [EDI]) 



y 

Message logging 

y 

s 

y 

Data security 

Data validation (XML Schema, DTD and SOAP filtering) 

y 

V 

y 

XML encryption and digital signature 


V 

y 

WS-Security 


V 

y 

WS-SecureConversation 


V 

y 

Field and message-level XML security 


V 

y 

Security policy enforcement for XML Web services 

Authentication of Web services messages using WS-Security 
and Security Assertion Markup Language (SAML), Version 

1.0, 1.1 and 2.0 


y 

y 

Authorization for XML messages 


s 

y 

Support for Kerberos, RADIUS, Lightweight Directory Access 
Protocol (LDAP) and SAML queries 


y 

y 

Ability to process Liberty Alliance ID-FF, WS-Trust and WS- 
Federation messages when configured with Tivoli Federated 
Identity Manager or similar policy manager 


y 

y 

Federation of security tokens when configured with Tivoli 
Federated Identity Manager or similar policy manager 


y 

y 

Federal Information Processing Standard (FIPS) Hardware 
Security Module (HSM) option 


y 

y 
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IBM WebSphere DataPower SOA appliances at a glance (continued) 

Specifications 

WebSphere 
DataPower XML 
Accelerator XA35 

WebSphere 
DataPower XML 
Security Gateway 
XS40 

WebSphere 
DataPower Integration 
Appliance XI50 

Web services 

SOAP, Universal Description, Discovery, and Integration 
(UDDI), Web Services Description Language (WSDL) and 
Web Services Distributed Management (WSDM) 




WS-Trust and WS-SecurityPolicy 




System and service security 

Service virtualization 




XML and SOAP firewall 


s 


XDoS protection 


s 


Management 

Web GUI 

y 

s 

s 

Command-line interface (CLI) 

V 

s 

s 

Simple Network Management Protocol (SNMP) 

V 

s 

s 

SOAP management interface 

V 

s 

V 

Integrated development environment (IDE) integration 
through Eclipse and Altova XML Spy 

s 

s 

s 

Service-level management (to configure, enforce 
and monitor qualities of service) 


s 

s 

Logging, drill down and alerting (on-box, off-box 
or centralized) 

s 

s 

V 

Device virtualization and role-based management 


s 

V 

Transport Layer Security (TLS) 

Secure Sockets Layer (SSL) and HTTPS, 

hardware-accelerated 




Public key infrastructure (PKI) 

XKMS, RSA, 3DES, DES, AES, SHA, X.509, PKCS, 

CRLs, OCSP 




XML digital signature, time stamp and nonrepudiation 




Reliability 

Virtual Router Redundancy Protocol (VRRP), single 
firmware image, no moving media 
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